Currently we are using client credentials to get an auth token from AWS Cognito, through which a client can access our API configured in API Gateway. Now we need to restrict access to some resources in API Gateway for specific users. How can we achieve this in Cognito without using user login or third-party auth?
A Cognito token is a JWT token which can be decoded using available libraries like https://jwt.io/.
The decoded output would be something like below
For your use case you can put a custom authorizer on API Gateway which decodes the JWT token and, based on "cognito:username", allows or restricts access.
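The authorizer logic described in the answer above, as an added example that is not part of the original answer. It checks the RS256 signature against the user pool's JWKS with standard-library arithmetic so it runs without dependencies (a deployed authorizer would normally use a maintained JWT library), then checks issuer, expiry and a per-caller path allow-list. The names `authorize`, `verify_rs256`, `acl` and `id_claim` are assumptions of this example; `id_claim` defaults to the claim named in the answer and can be set to another claim such as `client_id`.

```python
import base64, hashlib, hmac, json, time

# ASN.1 DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def verify_rs256(token, jwks):
    """Return the claims if a key in `jwks` signed the token, else raise ValueError."""
    head_b64, body_b64, sig_b64 = token.split(".")
    header = json.loads(b64url(head_b64))
    if header.get("alg") != "RS256":  # pin the algorithm, never take it from the token
        raise ValueError("unexpected alg")
    key = next((k for k in jwks["keys"] if k.get("kid") == header.get("kid")), None)
    if key is None:
        raise ValueError("unknown kid")
    n = int.from_bytes(b64url(key["n"]), "big")
    e = int.from_bytes(b64url(key["e"]), "big")
    size = (n.bit_length() + 7) // 8
    digest = hashlib.sha256(f"{head_b64}.{body_b64}".encode()).digest()
    # EMSA-PKCS1-v1_5: rebuild the expected block and compare it whole
    expected = b"\x00\x01" + b"\xff" * (size - 54) + b"\x00" + SHA256_PREFIX + digest
    recovered = pow(int.from_bytes(b64url(sig_b64), "big"), e, n).to_bytes(size, "big")
    if not hmac.compare_digest(recovered, expected):
        raise ValueError("bad signature")
    return json.loads(b64url(body_b64))

def authorize(token, method_arn, jwks, issuer, acl, id_claim="cognito:username", now=None):
    """Return a Lambda-authorizer response: Allow only for a valid token on a permitted path."""
    effect, principal = "Deny", "unknown"
    now = time.time() if now is None else now
    try:
        claims = verify_rs256(token, jwks)
        caller = str(claims[id_claim])
        resource = method_arn.split("/", 3)[-1]  # path after apiId/stage/VERB
        if (claims["iss"] == issuer and claims["exp"] > now
                and any(resource.startswith(p) for p in acl.get(caller, ()))):
            effect, principal = "Allow", caller
    except (ValueError, KeyError, TypeError, AttributeError):
        pass  # malformed, unsigned, or incomplete tokens fall through to Deny
    return {"principalId": principal, "policyDocument": {
        "Version": "2012-10-17",
        "Statement": [{"Action": "execute-api:Invoke", "Effect": effect,
                       "Resource": method_arn}]}}
```

In a Lambda handler, `token` comes from the request's Authorization header, `method_arn` from the event's `methodArn`, and `jwks` from the user pool's published `jwks.json`.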